On Thu, 2 Aug 2007, John Fouhy wrote: > I'm not sure about PRAGMA, but you can do introspection in sqlite by > examining the table 'sqlite_master'.
Thanks. That's how I get the table names, actually. But it doesn't give the column names. It does give the SQL used to create the table, so I could theoretically parse that out. I suppose I don't actually have a risk in this particular case by using the python-based "%" substitution, rather than the DB API "?" substitution. The table names come directly out of the schema, with no opportunity for a user-driven SQL injection. I'd just like to use good habits from the start. _______________________________________________ Tutor maillist - Tutor@python.org http://mail.python.org/mailman/listinfo/tutor
